ISLAMABAD: The National Computer Emergency Response Team (CERT) upgraded its cybersecurity advisory after observing a spike in malicious online activity against individuals, businesses, and government websites.
According to the alert, cyber criminals are targeting high-traffic days and engagements to develop phishing campaigns, fake sites, and malware payloads, as well as opportunistic network intrusion attempts.
CERT said there is a considerably higher threat level due to a greater amount of online activity and increasing threat actor sophistication.
CERT warned that successful cyber attacks could lead to serious consequences, including financial loss from fake e-commerce sales and donation schemes, personal and corporate data theft, malware infection, denial of service, and reputational impact through website defacement or exposure of 'stolen' data.
CERT cautioned that weak network segmentation can allow an attack on one system to reach all connected services.
The advisory pointed to phishing emails, phony sites, malicious downloads, and unsafe public Wi-Fi as the primary attack vectors. Common lures in current cases include fake offers, charity solicitations, event invitations, and themed items such as wallpapers and applications.
The attacks tend to require little involvement from the user, just clicking on a link or submitting credential information, but can have high-severity outcomes, including data breaches and operational shutdowns.
To mitigate those types of threats, CERT provided both individuals and organizations with a list of preventative measures. For the individual user, the measures include enabling multi-factor authentication, ensuring timely updates to the many devices and applications in use, not using unsecured public Wi-Fi for sensitive work without a VPN, and using strong and unique passwords.
For the organizational user, measures for consideration included timely patching and securing content management systems, employing web application firewalls, segmenting networks, restricting remote access, and constant monitoring for suspicious activity.
CERT called for immediate action to patch systems, enable MFA, maintain offline backups, and strengthen monitoring and detection capabilities. CERT also noted that public awareness and vigilance will always be the first level of defence against cyber threats, strongly encouraging citizens and organizations to report suspicious activities in a timely manner through the official portal.


